The essential news about content management systems and mobile technology.
Powered by Joocial & JoomGap.
  • Project: Joomla!
  • SubProject: CMS
  • Severity: High
  • Versions: 3.7.0
  • Exploit type: SQL Injection
  • Reported Date: 2017-May-11
  • Fixed Date: 2017-May-17
  • CVE Number: CVE-2017-8917


Inadequate filtering of request data leads to a SQL Injection vulnerability.

Affected Installs

Joomla! CMS versions 3.7.0


Upgrade to version 3.7.1


The JSST at the Joomla! Security Centre.

Reported By: Marc-Alexandre Montpas /

Read more